In a message dated: Thu, 16 Mar 2000 20:32:56 EST
Derek Martin said:
>On Thu, 16 Mar 2000, Paul Lussier wrote:
>
>> 2. The ability for NIS to use shadow passwords.
>>
>> This alone would greatly enhance the security of NIS.
>
>Originally I didn't think this could be done, but I could swear I've seen
>this mentioned somewhere before. I think all you need to do is set up
>your shadow password file as a map...
Well, yes and no. You don't want anyone to be able to 'ypcat shadow' for
example, then you're right back to where we are now. You need to be able to
have clients authenticate against the shadow file somehow, so I suppose all
authentication requests could be sent to the NIS server, which could then do
the lookup, responding either yes or no.
But for all that effort, why not just move to LDAP which is far more portable,
even if setting up the initial databases is a royal PITA? :)
--
Seeya,
Paul
----
Doing something stupid always costs less (up front)
than doing something intelligent.
A conclusion is simply the place where you got tired of thinking.
If you're not having fun, you're not doing it right!
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
